Chapter 6 Deploying Wireless Networks for FortiOS 5.0 : Wireless Mesh : Configuring a meshed WiFi network : Configuring the mesh root AP
  
Configuring the mesh root AP
The mesh root AP can be either a FortiWiFi unit’s built-in AP or a FortiAP unit.
To enable a FortiWiFi unit’s Local Radio as mesh root - web-based manager
1. Go to WiFi Controller > Managed Access Points > Local WiFi Radio.
2. Select Enable WiFi Radio.
3. In SSID, select Select SSIDs, then select fortinet.mesh.root.
4. Optionally, adjust TX Power or select Auto Tx Power Control.
5. Select Apply.
 
In a network with multiple wireless controllers, you need to change the mesh SSID so that each mesh root has a unique SSID. Other controllers using the same mesh root SSID might be detected as fake or rogue APs. Go to WiFi Controller > WiFI Network > SSID to change the SSID.
Fortinet also recommends that you create a new preshared key instead of using the default.
To configure a network interface for the FortiAP unit
1. On the FortiGate unit, go to System > Network > Interfaces.
2. Select the interface where you will connect the FortiAP unit and edit it.
3. In Addressing mode, select Manual.
4. In IP/Network Mask, enter an IP address and netmask for the interface.
To maximize the number of addresses available for clients, the interface address should end with 1, for example 192.168.10.1.
5. In DHCP Server select Enable.
An Address Range is entered automatically. It consists of the subnet address space above the interface address. For example, if the interface IP/mask is 192.168.10.100/24, the DHCP address range is 192.168.10.101 through 192.168.10.254.
6. Select OK.
To enable a FortiAP unit as mesh root - web-based manager
1. Connect the root FortiAP unit’s Ethernet port to the FortiGate network interface that you configured for it. Connect the FortiAP unit to its power source.
2. Go to WiFi Controller > Managed Access Points > Managed FortiAP.
If the root FortiAP unit is not listed, wait 15 seconds and select Refresh. Repeat if necessary. If the unit is still missing after a minute or two, power cycle the root FortiAP unit and try again.
3. Select the discovered FortiAP unit and edit its settings.
To use the Automatic profile enter:
AP Profile
Automatic
Enable WiFi Radio
Selected
SSID
Select SSID, then enable fortinet.root.mesh.
Tx Power
Optionally, adjust TX Power or select Auto Tx Power Control.
or
In AP Profile, select Change and the select the custom AP profile you created for the mesh root AP.
4. In State, select Authorize.
5. Select OK.
You need to create firewall policies to permit traffic to flow from the network interface where the FortiAP unit is connected to the network interfaces for the Internet and other networks. Enable NAT.